﻿using ManagementSystem.App_LocalResources;
using ManagementSystem.Models;
using MS.Entities;
using MS.Enums.Common;
using MS.Identity;
using MS.Utility.Common;
using MS.Utility.Config;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Web;
using System.Web.Mvc;

namespace ManagementSystem.Filter
{
    [AttributeUsage(AttributeTargets.All, AllowMultiple = false, Inherited = false)]
    public class LoginFilterAttribute : ActionFilterAttribute
    {
        private Platform platform;
        public LoginFilterAttribute(Platform platform)
        {
            this.platform = platform;
        }
        public override void OnActionExecuted(ActionExecutedContext filterContext)
        {

        }

        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            //判断是否登录，若未登录跳转到登录页面
            if (SecurityIdentity.GetLoginUid(platform) == 0)
            {
                if (filterContext.HttpContext.Request.RequestType == "POST")
                {
                    JsonResultModel model = new JsonResultModel();
                    model.code = Code.UNLOGIN;
                    model.message = Message.UNLOGIN;
                    model.data = new { };

                    JsonResult jsonResult = new JsonResult();
                    jsonResult.Data = model;
                    filterContext.Result = jsonResult;
                }
                else
                {
                    filterContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                    filterContext.HttpContext.Response.Redirect("/BMS/Login?from=" + UserHelper.GetRequestUrl());
                }
            }
            else
            {
                //登录后判断是否有操作权限
                //判断是否是白名单用户
                LoginUser loginUser = SecurityIdentity.GetLoginUser(platform);
                if (!ConfigSetting.WhiteList.Contains(loginUser.UserAccount.Account))
                {
                    string strBase = "";
                    switch (platform)
                    {
                        case Platform.BMS:
                            strBase = "/bms/";
                            break;
                    }
                    string url = strBase + filterContext.HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString().Trim().ToLower();
                    if (filterContext.HttpContext.Request.RequestContext.RouteData.Values["action"].ToString().Trim().ToLower() != "index")
                    {
                        url += "/" + filterContext.HttpContext.Request.RequestContext.RouteData.Values["action"].ToString().Trim().ToLower();
                    }



                    List<string> list = (from o in loginUser.FunctionList select o.Url.ToLower()).ToList();
                    if (!list.Contains(url))
                    {
                        if (filterContext.HttpContext.Request.RequestType == "POST")
                        {
                            JsonResultModel model = new JsonResultModel();
                            model.code = Code.UNAUTHORITY;
                            model.message = Message.UNAUTHORITY;
                            model.data = new { };

                            JsonResult jsonResult = new JsonResult();
                            jsonResult.Data = model;
                            filterContext.Result = jsonResult;
                        }
                        else
                        {
                            filterContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                            filterContext.HttpContext.Response.Redirect("/BMS/Error/403");
                        }
                    }
                }
            }
        }
    }
}